Fateme Borjal Bayatiani; Hamid Mala
Abstract
Today, passive RFID tags have many applications in various fields such as healthcare, transportation, asset management, and supply chain management. In some of these applications, a group of tags need to prove they are present in the same place at the same time. To solve this problem, many protocols ...
Read More
Today, passive RFID tags have many applications in various fields such as healthcare, transportation, asset management, and supply chain management. In some of these applications, a group of tags need to prove they are present in the same place at the same time. To solve this problem, many protocols have been proposed so far, and each of them has been able to solve some security and performance problems, but unfortunately, many of these protocols have security vulnerabilities or do not have the necessary performance to run on passive RFID tags. In this study, a secure and lightweight protocol for RFID tags grouping proof called LSGPP is proposed. In this protocol, the reader is an untrusted entity, in other words, the protocol is secure even if the reader is hijacked by an attacker. This study shows that the LSGPP protocol is secure against tracking, eavesdropping, replay, concurrency, impersonation, desynchronization, denial of service (DoS), proof forgery, message integrity, man-in-the-middle, secret disclosure, denial of proof (DoP), and unlinkability attacks, and supports anonymity and forward secrecy features. Also, in this study, the notion of RFID reader compromised attack is introduced, and it is shown that, unlike its predecessors, the LSGPP protocol is also secure against this attack. Also, using the Proverif tool, it is shown that the proposed protocol provides confidentiality and authentication features. The LSGPP protocol uses lightweight operations affordable for passive RFID tags and is shown to be compliant with the EPC C1G2 standard.
Hamid Mala; Mohammad Reza Saeidi
Abstract
In the last two decades bilinear pairings have found many applications in cryptography. Meanwhile identity-based cryptosystems based on bilinear pairings have received particular attention. The IEEE, IETF, and ISO organizations have been working on standardization of pairing-based cryptographic schemes. ...
Read More
In the last two decades bilinear pairings have found many applications in cryptography. Meanwhile identity-based cryptosystems based on bilinear pairings have received particular attention. The IEEE, IETF, and ISO organizations have been working on standardization of pairing-based cryptographic schemes. The Boneh-Franklin identity-based encryption and Sakai-Kasahara identity-based signature are the most well-known identity-based schemes that have been standardized. So far, various schemes have been proposed to reduce the computational overhead of pairing operations. All these schemes are trying to outsource pairing operations in a secure manner. But besides pairing operations, there are other basic and costly operations in pairing-based cryptography and identity-based schemes, including scalar multiplication on elliptic curves. In this research, we outsource the Boneh-Franklin encryption in a more secure and efficient (in terms of computational and communication complexity) way than existing schemes. Also we outsource the BLMQ signature (based on Sakai-Kasahara) scheme for the first time. The proposed schemes are secure in the OMTUP model. Also, unlike previous schemes, we considered communication channels insecure. Moreover, compared with the trivial solution which outsources every single operation (such as pairing, scalar multiplication and modular exponentiation) as a separate subroutine, our schemes offer less complexity by seamlessly outsourcing the whole encryption scheme for the first time.